<?php
session_start();
$bdd = mysqli_connect("localhost","root","", "machiavel_fantasy");
if(isset($_POST['valider'])){

    $email_user=mysqli_real_escape_string($bdd,htmlentities(trim($_POST['email_user'])));/*on prepare la chaine de caractere entrée par l'utilisateur*/
	$pw_user=mysqli_real_escape_string($bdd,htmlentities(trim($_POST['password_user'])));
	$salt = "802587@!alsd";
    $password = sha1(sha1($pw_user).$salt);
	$query="SELECT * FROM users WHERE email='".$email_user."' AND password='".$password."'";
	$res = mysqli_query($bdd, $query);
	$row=mysqli_num_rows($res);
	if($row==1){
        $data = mysqli_fetch_array($res);
        $_SESSION['id_user']=$data['id_user'];
		$id=$_SESSION['id_user'];
		$query=" update users set date_lastco = NOW() where id_user='".$id."'";
		$res = mysqli_query($bdd, $query);
        header('Location:profil.php');
	}
	else{
		include_once("connexion.html");
	}
}
else{
include_once("connexion.html");
}
?>